Background
Staying competitive in the modern market requires enterprises adopt cloud computing, cloud storage and mobile services into their business model. But, this will bring increases in network connections that may attract ever more advanced cyber attack attempts to penetrate network protocols. Official reports have informed that about 8 of 10 organizations, regardless their scale and size, have suffered data breaches. Thus categorizing all organizations, even small and mid-sized, as being at risk from the continually increasing cyber attack attempts, especially since more and more enterprises and government organizations become targets for spear phishing, malware, ransomware and other types of threat attempts.
The enabling factor rearing the increase of attacks resides within the technological aspect. A modern day hacker poses an advanced familiarity of most conventional security systems implemented in today’s enterprise networks. With this advanced familiarity, hackers can become undetectable as they attempt to penetrate any weakness found in websites or other network protocols such as HTTP, FTP and SMTP mail server.
In actuality, they’re even able to penetrate traditional network-based signature authentications while eluding alert mechanisms. It might be possible to state that the level of sophistication in cyber attacks could be as much, if not more as that of conventional security measures.
Modern Day Threat Preventions Requirements
As previously mentioned, conventional security measures are identical in many ways and with minimal effort they can be penetrated by a hacker. For that reason, successfully combating cyber threats requires a next generation hardware platform to implement virtualized software-based solutions for higher complexity threat prevention to shield against massive volumes of DDoS traffic and targeted malware.
For modern day threat prevention, cyber experts suggested consideration of following aspects:
- Network and capacity analysis: 1/10/40 GbE LAN
- Protocol coverage: http, SMTP, FTP and more
- Sandbox: the virtual test ground to detect whether the incoming packet is a virus or malicious ware
- Virtual software tools such as authentication, filtering, deep packet inspection, reputation-inspection, payload check and endpoint inspection as well as detection of other suspicious behavior
- Physical location detection to inspect every connection both internally and externally
Achieving a flawless execution of the above mentioned tasks and duties requires of high-performance, next generation hardware platforms to run web application firewall, IPS and anti-virus, Application Delivery Control (ADP) as well as ransomware and malware prevention. The following are technological advancements that must be offered by the platform selected for implementation:
- High-flexibility for modular designs if scalability is needed
- Ultra-computing performances to conduct all the tasks and duties
- Reliability: replaceable cooling fans and redundant power supplies, as the appliances will be put into work on a 24/7 basis.
- Network bandwidth: as high as possible
Lanner’s Solutions
According to research of successful cases in the market, a majority of the well-defended and well-structured advanced threat preventions required two hardware platforms. For that reason, Lanner offers the collaboration of a high-performance x86 Network Security Appliance and 1U x86 Rackmount Network Appliance, FW-8896 and NCA-5210, as ideal deployments for threat preventions. Both appliances offer ultra-computing power, high flexibility and reliability to get the job done.
FW-8896: Network Security Appliance with Dual Intel CPUs
The FW-8896, successor to Lanner’s DPDK-ready flagship network computing platform, is a high-performance x86 Network Security Appliance built with Dual Intel® Xeon® processor E5-2600 v3/v4 CPUs (codenamed Haswell/Broadwell-EP) and the Intel® C612 series chipset (codenamed Wellsburg), features offered include 22nm process, enhanced SATA support and DDR4 support .
Built with Intel® Xeon® E5-2600 v3 processors that significantly enhance CPU, bandwidth and power efficiency as well as hardware performance, making Lanner’s FW-8896 appliance an ideal solution deployment to execute tasks requiring enhanced capabilities in packet processing and optimum instructions for communications workloads, such as enterprise firewall, IPS and UTM as well as application delivery controller (ADC), WAN optimization and high-performance network security.
The FW-8896 appliance’s build comes with 8 NIC modules and can support up to 64 GbE ports. Moreover, the appliance is capable of supporting up to sixteen quad-channel DDR4 2133 MHz to provide a memory capacity of up to 512GB.
NCA-5210: Enterprise UTM, Next Generation Firewall and Web Security 1U x86 Network Appliance
The NCA-5210, powered by 6th generation Intel® Core™14nm CPU (codenamed Skylake), is Lanner’s new 1U ultra-powerful x86 Rackmount Network Appliance. The build of the appliance’s new architecture supports Intel® Core™ i7-6700, i5-6500 or Xeon E3-1200 v5 Series processor as well as flexible LAN configurations, I/O boosting, comprehensive Intel® C236 series chipset for boost in I/O capacity and DDR4 memory support.
Presenting a 1U form factor design, Lanner’s NCA-5210 can support 8 or 12 RJ-45 GbE ports and 4 SFP LAN ports if opted, as well as 4 NIC module slots accommodating up to 40 GbE LAN once there has been installation of compatible modules. Additionally, to ensure network reliability the NCA-5210 features our latest LAN Bypass mechanism.
Both, Lanner’s FW-8896 and NCA-5210, are the top-choice in next generation threat preventions hardware solutions.